Should I use DES, Blowfish, or MD5 passwords and how do I specify which form my users receive?

The default password format on FreeBSD is to use MD5-based passwords. These are believed to be more secure than the traditional Unix password format, which used a scheme based on the DES algorithm. DES passwords are still available if you need to share your password file with legacy operating systems which still use the less secure password format (they are available if you choose to install the ``crypto'' distribution in sysinstall, or by installing the crypto sources if building from source). Installing the crypto libraries will also allow you to use the Blowfish password format, which is more secure. Which password format to use for new passwords is controlled by the ``passwd_format'' login capability in /etc/login.conf, which takes values of ``des'', ``blf'' (if these are available) or ``md5''. See the login.conf(5) manual page for more information about login capabilities.
Suggest a Site